An Exploratory Study into the Design of an IT Governance Minimum Baseline through Delphi Research

In many organisations, information technology (IT) has become crucial in the support, sustainability, and growth of the business. This pervasive use of technology has created a critical dependency on IT that calls for a specific focus on IT governance. IT governance consists of the leadership and organisational structures and processes that enable the required alignment between business and IT. This practice-oriented research concentrates on the IT governance practices that organisations can leverage to implement IT governance in reality. Based on literature research, pilot case research and Delphi research, this paper provides insights regarding the effectiveness and ease of implementation of IT governance practices and provides a minimum baseline of practices that organisations at least should have. Via this research, we want to contribute to new theory building and assist practitioners by providing more guidance on how IT governance can be effectively implemented

An IT value management capability model for portuguese universities: a Delphi study

One of the most common dilemmas faced today by organizations and their leaders is how to guarantee value from high level IT investments, i.e. how organizations ensure expected benefits from growth in IT investments. Knowledgeable about this reality, organizations seek solutions to solve this problem, either through the adoption of frameworks developed and proposed by the professional community (COBIT5; VAL IT 2.0; IT-CMF), or alternatively, by designing and implementing their own models. The aforementioned, for organizations in general, is not different in the context of Higher Education Institutions (HEIs). This paper adopts a Resource-Based View theory (RBV) to identify a set of competences and resources, which contribute to develop and conceptualize an IT Value Management Capability Model. The identified items were submitted to a panel of experts through a Delphi study in order to validate and propose a baseline to assist academic and practitioners understand essential requirements to implement an IT Value Management Capability Model (ITVMCM) in Portuguese public universities.This work has been supported by COMPETE: POCI-01-0145-FEDER-007043 and FCT – Fundação para a Ciência e Tecnologia within the Project Scope: UID/CEC/00319/2013

IT governance for public universities: developing a model

Information technology (IT) has become essential in supporting the growth and sustainability of all types of organizations. Universities are one of those types that are more and more dependent on IT having a technological infrastructure made of heterogeneous technologies that turns IT Governance into a real challenge. The teaching-learning and research processes, nuclear for universities, require effective and efficient IT governance so universities remain competitive. IT governance calls for the definition and implementation of formal practices at the highest level in the organization involving structures, processes and relational mechanisms for the creation of business value from IT investments. However, it is quite notorious the difficulty in defining and implementing those practices from frameworks such as COBIT, ITIL, ISO/IEC 38500, among others. The level of adoption of such frameworks at universities is quite low, superficial or limited in scope. To address these issues, we propose, using design science research, the development of an IT governance model for public universities. The model will be designed having the appropriate mechanisms identified through survey research and case studies involving Portuguese and Brazilian public universities. We expect to contribute with a model having structures, processes and relational mechanisms suitable for the public sector universities with the guidelines for effective and efficient IT governance. Moreover, contributions to the body of knowledge, regarding the adoption of frameworks such as COBIT and ITIL, taking in consideration contextual and contingency factors, are also expected in what particularly relates to Portuguese and Brazilian public universities.CAPES - Coordenação de Aperfeiçoamento de Pessoal de Nível Superior(UID/CEC/00319/2013)This work was supported by CAPES Foundation, Ministry of Education of Brazil Process n.º10415/13-0 and by FCT – Foundation for Science and Technology, project UID/CEC/00319/2013.info:eu-repo/semantics/publishedVersio

How IT Governance can assist IoT project implementation

Internet of things (IoT) is considered a key technology for the Industry 4.0 revolution. Information Technology (IT) governance (ITG) is now an increasingly important tool for organizations to align their IT strategy and infrastructures with the organizations’ business objectives. The most adopted ITG framework is COBIT, which defines seven enabler categories. These enablers aim to facilitate the implementation, identification, and management of IT. This research aims to determine, explore, and define which are the most suitable IT governance enablers to assist managers in IoT implementation. The study adopted the Design Science Research methodology, including two systematic literature reviews and a Delphi method to build the artefact. The artefact was demonstrated and evaluated in a real organization. The results indicate that data privacy, data protection, and data analysis are currently the most relevant enablers to consider in an IoT implementation because they increase the efficiency of the solution and enhance data credibility

Role assigning and taking in cloud computing

The widespread use of cloud computing (CC) has brought to the forefront information technology (IT) governance issues, rendering the lack of expertise in handling CC-based IT controls a major challenge for business enterprises and other societal organizations. In the cloud-computing context, this study identifies and ranks the determinants of role assigning and taking by IT people. The study’s integrative research links CC and IT governance to humane arrangements, as it validates and ranks role assigning and taking components through in-depth interviews with twelve IT decision-makers and forty-four Information Systems Audit and Control Association (ISACA) members, engaged as panelists in a Delphi technique implementation. The empirical results recognize skills and competencies as prioritized determinants of IT controls, while IT security, risk and compliance emerge as capabilities crucial to evaluate and manage CC service providers. Despite the study’s generalizability limitations, its findings highlight future research paths and provide practical guidelines toward the high technology of open-market IT self-governance. The latter entails the humane flows of collegial control and responsibility, as opposed to the inhumane flows of authority and power, under the sequestered technique of the bureaucratically-hierarchized IT hetero-governanc

IT governance enablers for an efficient IoT implementation

IoT is considered to be one of the focal points for the 4.0 industry revolution because of the way it is changing the business models of each organization. IT governance is now an increasingly important tool for organizations to align their IT infrastructure with the organization's business objectives. IT governance has been used to help implement new technologies using the best practices such as COBIT, which defines a number of enablers that facilitate the implementation, identification and management of IT. This research aims to explore and define the most suitable enablers for an IoT implementation. These objectives will be achieved through the Design Science Research methodology, which incorporates two literature reviews, a Delphi method and, finally, a semi-structured interview. With a first systematic review of the literature, it was possible to identify the main enablers to implement IoT. Next, the list was improved using the Delphi method, gathering expert opinion. In the Delphi method, the level of agreement was verified to create exclusion criteria and a level of efficiency in each recommendation. Finally, a specialist was interviewed to demonstrate the applicability and validation of the proposed artifact in the various IoT projects implemented by his organization. At the end, a final list of enablers for IoT implementation is provided. The results indicate that data privacy, data protection, and data analysis are currently the best recommendations to be considered in an IoT implementation because they increase the efficiency of the solution and increase the credibility of the data obtained. Future work and limitations are detailed in the end.A IoT é considerada como um dos pontos fulcrais para a revolução da indústria 4.0, devido à maneira como está a alterar os modelos de negócio das organizações. A governação das TI é atualmente uma ferramenta cada vez mais importante para as organizações alinharem a sua infraestrutura tecnológica com os objetivos de negócio da organização. A governação de TI tem sido utilizada para ajudar na implementação de novas tecnologias recorrendo à utilização de boas práticas como por exemplo o COBIT, que define vários enablers que facilitam a implementação, identificação e gestão das TI. Esta investigação visa explorar e definir os enablers mais adequados para uma implementação de IoT. Estes objetivos vão ser alcançados através da metodologia Design Science Research, que incorpora duas revisões de literatura, um método Delphi e por fim uma entrevista semiestruturada. Com uma primeira revisão sistemática da literatura, foi possível identificar os principais enablers para implementar IoT. De seguida, a lista foi melhorada utilizando o método Delphi, recolhendo a opinião de especialistas. No método Delphi, verificou-se o nível de concordância para criar critérios de exclusão e um nível de eficiência em cada recomendação. Finalmente, um especialista foi entrevistado para demonstrar a aplicabilidade e validar o artefacto proposto nos diversos projetos de IoT implementados pela sua organização. No final a lista de enablers para implementar IoT é fornecida. Os resultados indicam que atualmente, a privacidade de dados, a proteção de dados e a análise de dados são as melhores recomendações a serem consideradas numa implementação de IoT, porque aumentam a eficiência da solução e aumentam a credibilidade dos dados obtidos. Trabalho futuro e limitações são detalhadas no final

Grounding Theory from Delphi Studies

The Delphi method is recommended for exploratory research in emerging research areas. Despite earlier suggestions for using the Delphi method for theory creation, few analytical tools are provided for this purpose. However, Grounded Theory is especially devoted to creating theories from qualitative data. This paper describes an enhanced Delphi method which integrates data analysis techniques from Grounded Theory. The resulting Grounded Delphi Method (GDM) improves Delphi studies by bringing in a data collection technique that focuses explicitly on the identification of the reasons and consequences for issues, ranked by experts. Moreover, the techniques of open and axial coding support the discovery of theoretical concepts from the initial Delphi issues. In turn, the ranking process of the Delphi method provides a rigorous means for selecting core categories for theory development, which decreases researcher interference on this issue

ERP implementation methodologies and frameworks: a literature review

Enterprise Resource Planning (ERP) implementation is a complex and vibrant process, one that involves a combination of technological and organizational interactions. Often an ERP implementation project is the single largest IT project that an organization has ever launched and requires a mutual fit of system and organization. Also the concept of an ERP implementation supporting business processes across many different departments is not a generic, rigid and uniform concept and depends on variety of factors. As a result, the issues addressing the ERP implementation process have been one of the major concerns in industry. Therefore ERP implementation receives attention from practitioners and scholars and both, business as well as academic literature is abundant and not always very conclusive or coherent. However, research on ERP systems so far has been mainly focused on diffusion, use and impact issues. Less attention has been given to the methods used during the configuration and the implementation of ERP systems, even though they are commonly used in practice, they still remain largely unexplored and undocumented in Information Systems research. So, the academic relevance of this research is the contribution to the existing body of scientific knowledge. An annotated brief literature review is done in order to evaluate the current state of the existing academic literature. The purpose is to present a systematic overview of relevant ERP implementation methodologies and frameworks as a desire for achieving a better taxonomy of ERP implementation methodologies. This paper is useful to researchers who are interested in ERP implementation methodologies and frameworks. Results will serve as an input for a classification of the existing ERP implementation methodologies and frameworks. Also, this paper aims also at the professional ERP community involved in the process of ERP implementation by promoting a better understanding of ERP implementation methodologies and frameworks, its variety and history

Improving the quality of the COBIT 5 goals cascade as an IT process prioritisation mechanism

COBIT 5 is a commonly used IT Governance Framework. Its first principle is that all IT related activities should support generating value for the enterprise. This principle is put in practice through the COBIT 5 Goals Cascade. In this paper the author has researched this principle's main claimed benefit, i.e. that it allows to prioritise IT related processes based on overall enterprise priorities. The quality of the goals cascade was researched by looking at the accuracy of the published mapping tables, the dependencies between goals in the same goal set and the sensitivity of the Goals Cascade towards input variations. The author concludes that the current Goals Cascade isn't very useable as a prioritisation mechanism for IT processes. The author finally proposes an improvement to the current Goals Cascade, consisting of an additional, limited set of ‘Enterprise Strategies' that map directly to IT related processes. A prototype solution has been tested, showing promising improvements